Profiling Cybercriminals

Criminal profiling has reached the mainstream through various crime shows where the technique is employed to understand who the perpetrator of a crime is. In real life it is nowhere near the exact science that TV shows make out, it is as much of an art form as a scientific method but is useful in understanding the types of people attracted to a life of crime. With the rise of cyber-crime, profiling has now stretched to incorporate this world. As Sun Tzu said knowing enemies helps to know oneself but it can also help to understand how to beat enemies.

The word ‘hacker’ immediately summons an image of an isolated man in their early 20s who has incredible computer knowledge but a severe lack of social skills. As with most stereotypes this is far too specific to be taken seriously and as with most crime there are a wide array of offenders from all different walks of life. Even with this huge diversity there is some general information that can be understood about cyber criminals.

Motivation

All crimes have a motive and understanding this motive gives some insight into how the criminal will act and what targets they will go after. For cybercrime there are a huge number of motivations that range from simple revenge to money to a desire to change the world. This broad range of motivations makes it much harder to understand why a hacker is going after a certain company or individual. For business hacks tend to be motivated by two factors either financial gain or revenge on a former employer. Revenge attacks tend to be far more damaging than those seeking financial benefits.

Skill

The skill level of cybercriminals varies a lot – as with any profession. Not all are technically minded with lots of experience of computer systems. Some fit this profile but others don’t. Script Kiddies tend to be teenagers who simply re-use other people’s code to perpetrate attacks, they have limited technical knowledge and skills.

Age

As with skill, there is no set cybercriminal age, those with higher levels of skill do tend to be older and Script Kiddies tend to be teenagers. The type of tool used can actual reveal a lot about the age of the criminal. The NCA revealed an operation against DDoS attacks led to the arrests of 7 people all of whom were under the age of 18 and another investigation into Remote Access Trojans found the average buyer of this program was 18 years old with the youngest purchaser just 12. Therefore, if the attack you discover is using a common piece of software it is more likely to be a teenager.

Cybercrime costs businesses billions of pounds every year, does understanding who commits this crime help prevent it?